Cisco Duo Reviews

We use it for MFA to secure our Outlook webmail and some other applications as well. We use Duo for pretty much anything that uses MFA. 

We were looking for increased security. We wanted to make sure that the person who is trying to log in to our services is actually who they claim to be. We wanted to lock down our applications more and provide extra security.

We have some on-prem servers for the gateways and it's in the cloud as well.

It has definitely made our company more secure. It's pretty easy to incorporate into any sort of application you want to. We also use it for single sign-on for certain applications and that has been nice. People hate passwords.

It's really great for remote workers and a hybrid workforce nowadays, for people who are trying to access their VPN or any applications from outside of the company. It helps us make sure it's someone who should be accessing those things. It does a good job.

It's definitely a factor in achieving that Zero Trust.

In a way, it helps us remediate threats more quickly. If someone is trying a brute-force attack, trying all the passwords they can, and they're not getting a response through Duo, you can see certain security threats that are happening and remediate them.

Duo has also had a big impact on employee morale. People like it. They feel that their data is more secure. Resiliency is very key to keeping people doing their jobs. Cyber security resilience has been very important for us. It used to be that security was not to be the main focus, but it's extremely important now. There are a lot of ransomware attacks and people need to be very cognizant of that. It's important to have redundant and resilient systems in place to support that.

It's nice to have that push notification with the app and it's pretty easy to use. Our users are usually pretty open to it, and it's pretty easy to onboard people.

It also seems like it's accurate, and you can add multiple devices to your account.

In addition, typically, if it detects that you're on an internal network, you can bypass the Duo portion of it. That way, people don't have to do MFA when they're on campus.

Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process. It also helps with the user experience because you can manage all the user accounts from that one spot, including setting up new users, making adjustments, editing their preferences, et cetera.

It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little.

I've been using Duo Security for about two years.

It seems very stable. I don't think there has been any point at which people have tried to use it and it has failed.

The scalability seems fine. As long as you get the licensing to support it, you can add as many users as you'd like.

We have five or six offices locally, and a few more in different states in the US. We also have one in Shanghai, but they're doing their own thing there. But everyone in our US offices uses it, they all get enrolled. Typically, people will install the app on their phones although they don't have to.

I don't think we've had to use technical support too often, which is a good thing about the product itself.

We didn't use an MFA before Duo.

When the solution was rolled out, I wasn't with the company, but we then expanded it in different ways and I have been involved in that. In terms of the initial deployment, from what I can tell, it was relatively straightforward. And from what I've seen since, it hasn't been too hard to expand it to other services.

It's definitely a valuable product to have.

We may have evaluated other options at a surface level, but we didn't really go too deeply into them. We pretty much went with Duo out the gate.

I would tell leaders who want to build more resilience within their organization to do it right now. It's definitely important and there are a lot of resources out there that can help them on that path. Duo helps with that.

It does what it's marketed to do.

We use it for multi-factor authentication. That's the only use case we have now. We're not using it to its maximum capabilities but we'll use it for more functions moving forward.

Duo Security has improved our cybersecurity resilience. Multi-factor authentication gives us another layer of protection. Having another layer of security is very important for us.

Duo Security establishes trust for every access request, no matter where it comes from. This is something that's absolutely needed.

It's easy to deploy. It's easy to manage. It's easy to integrate with other applications. 

We also use it for single sign-on with Meraki and VPN access for non-Cisco firewalls, but we're now migrating to Cisco firewalls. It's easy to deploy, and it works.

I'm not using it as much as I could. So far, it has everything I need. I don't have any requirements or improvements. Everything is working smoothly, and we're happy with it.

We have been using Duo Security for about two years.

Its stability is great.

We have 1,500 users that use Duo Security. We're planning to use Duo Security for more applications, but the number of users won't increase anymore, so in terms of scalability, I don't think we'll have any issues.

We have opened some cases with Cisco for questions and things at all, and they were very helpful. They're very good. They answer questions quickly, and the people who work there are knowledgeable, so I can't complain. I'd rate them a ten out of ten because I got prompt responses and knowledgeable people.

Positive

We were using Microsoft Authenticator before, but we had a lot of problems with that, so we had to move away from that. Initially, we didn't have any multi-factor authentication, so having a multi-factor authentication for multiple applications and services that we provide helps us in making our network more secure.

You synchronize your AD with Duo Security and create all the groups for access.  You send the emails to do the deployment, and you load the cell phone numbers. That's for the end-user side, and for the firewall, we have the proxies. We're using a proxy for one of the products. Our firewall sends RADIUS requests to the proxy, and the proxy communicates to Duo Cloud. The virtual machine deployment for the process was very easy. The configuration takes a few steps, but it's easy.

We've both on-premise and cloud deployments. We're using the tool on the cloud, but we don't have any infrastructure on the cloud.

We did the deployment ourselves.

We have seen an ROI. The cost of not having it means you're vulnerable to hacking and other things. Nowadays, multi-factor authentication is required for insurance. It's a must now.

It's very simple. Its price is fair. We use the hardware tokens as well. You get what you pay for.

In terms of licensing, Cisco has very complicated products, but Duo Security was surprisingly easy. The licensing model is easy. The license is based on the intent. You can see how many licenses you have. It's one of the easiest solutions I have deployed, so I'm very happy about it. Every other Cisco product—such as switches, APs, wireless, and controllers—has a very complicated license model. The new smart license model doesn't always work. It's very complicated. The vendors will put your license somewhere else. You need to talk to vendors. It's complicated, but Duo Security licensing is simple.

We evaluated RSA, Microsoft, and Duo Security. We evaluated these three, and we realized that Duo Security had better reviews, and it was easier to deploy and cost-effective, so it made sense to use it.

Overall, I'd rate Duo Security a ten out of ten.

We use it citywide. I work for a city, local government, and we implemented it during the pandemic.

We support it for remote access to our network. Every city employee is required to use it, including the police and fire departments. However, it's hard to concretely say if the solution has helped reduce the risk of breaches in one way or another.
Apart from that, we focus on user education in cybersecurity and provide training to our end-user population to heighten awareness. This is in addition to the two-factor authentication, so we don't solely rely on that.

Duo Security has improved our organization from a security standpoint. The two-factor authentication has become a requirement in most cases. It is specifically required by cybersecurity insurance.

Not only are we doing it for requirement purposes, but it also gives us an additional layer of confidence. Duo Security's additional layer of security gives us added confidence that our network will be less likely to get hacked, compromised, or otherwise.

Moreover, we're very satisfied with the solution for helping secure our infrastructure from end to end. It definitely gives us an added layer of our confidence knowing that two-factor authentication is implemented. In our organization, network-wise, the confidence level is fairly high, and we're happy with it.

The way we involve the end users is with their mobile devices and mobile phone numbers. Once they do get involved, we are pretty confident that they are being reached out to through the number that we have in the system for them, and there's really no reason on our end to doubt the validity of those authentication requests when they come through. We trust Duo Security for every access request, no matter where it comes from.

Duo Security has become essential to our environment, considering today's time when our workforce is becoming more and more mobile.

Duo Security helped our organization improve its cybersecurity resilience. It has given that added layer of security and keeps the awareness on the user's end as well.

It's easy to use, frankly. All it takes really is for the end user to download the app. For me, I have an Apple Watch; I don't even have to wait for my phone. I can accept the prompt right there and just be on my way.

Moreover, we are comfortable and have high confidence in the solution's user authentication; device verification can prevent identity-based attacks.

One of the challenges was for the police force. A lot of them, at first, weren't keen on using their personal cell phone for, quote-unquote, city business. As a city, we require them to download an app for two-factor authentication. There is a little bit of apprehension for some users thinking, well, "How do I know this app is not collecting personal information from my personal device?" was the only obstacle we ran into. Overall, satisfaction is good.

To mitigate this problem, there was an option where the city would choose to just go with utilizing the app. There's another option where you can get a text message as opposed to having to download the app and accept what the app has on it.

I have been using Duo Security for three years. 

Duo Security is a stable solution. 

We never encountered any issues in terms of scalability. 

The customer service and support have been very good. We haven't had to call them many times. They've been able to assist every time there was an issue.

The responses have always been timely, and I haven't gotten any complaints from our security manager.

We used a different solution but had it in limited use only for our public safety team. That was a requirement at the time because of the type of information that they had access to. We were looking for something versatile. 

With Duo Security, the easier user access and user adaption were a little easier. We felt the solution was a little clunky at times, and we are already in the Cisco ecosystem, and that's one of their products. So we decided that was the best solution at the time. That's why we switched to Duo Security.

Implementation was fairly easy. Moreover, once you have it implemented, it's very minimal.

Duo Security doesn't require a lot of maintenance. From that standpoint, the solution has freed up time. However, it's not something that we had beforehand. In other words, it's not necessarily alleviating work. However, it is easy to manage.

The pricing was a lot more than what we were paying for our previous solution. However, our previous solution only covered two out of the sixteen departments within the city.

It’s a bit of a pie chart in that sense but we understood that with Duo Security, we were deploying it on a broader scale.

Overall, the pricing was higher than our expectations, but considering the circumstances during the pandemic and the increased demand, we understood the importance of making the right decision and moving forward with the best product.

I would say we are happy with it. However, I haven't conducted any recent market surveys to compare pricing, so it's difficult to make a definitive statement. Ultimately, what matters most is the satisfaction of our end users, and in that regard, it is currently very high.

We did look at some other products. We had a security manager who was responsible for conducting the necessary research and legwork. However, he did present us with a few different solutions, and our network manager was also involved in exploring options. Ultimately, Duo Security was selected as the preferred solution.

And also, what happened right before then, we had attended Cisco Live, had been exposed to Cisco Duo, and really liked what we saw. So we went into it with a bit of bias, to be honest, because we already saw it.

Duo Security is a great solution. The adoption and learning curve for the end user is low, in our opinion.

Overall, I would rate Duo Security an eight out of ten.

You don't need any other Cisco security products in order to use it. That's what makes it easy.

Normally, people use it for multi-factor authentication. It's an easy-to-install multi-factor authentication platform.

Regarding the valuable features, I would say that Duo Security is easy to use, has speed, and is dependable.

It would be nice if there was a biometric option rather where you could accept with a fingerprint. Like, in an iPhone, they have fingerprint authentication and face ID. It would be nice if there was a biometric acceptance as opposed to just clicking and accepting.

I have been using Duo Security for thirteen years. I am a distributor of the solution.

Regarding stability, I don't know if that comes into question. With my clients, I haven't seen them facing stability issues.

I have seen it deployed in an organization with 50 people and another with 5,000 people.

I love the solution's technical support. Regarding the adjectives I would use to describe the support, I would say that the support was professional and accommodating. I wish that the support would be a little bit more prompt and a little bit more flexible because there are certain things that they will do and certain things they won't do. Then they push what they won't do back down to the distributor.

I also wish that they consider us as distributors because we're not the traditional partner. It's almost like we are Cisco. I wish that we could share more resources behind Cisco Firewall and behind Cisco's resources. I rate the support an eight out of ten.

Positive

The reason we chose Duo Security over its competitors is because it's a freebie that you can try and see how it goes. There is also the ease of integration with Duo Security. I don't really know of any other MFA that is as simple. With Duo Security, it's like, here's your authorization, and you need to click on the yes or no options.

I would say that the solution does increase security because it does require MFA, and as long as the company enforces it installed on a specific device, it works.

It does not secure my infrastructure from end to end and detect or remediate threats. It's not the function of the product.

Regarding my assessment of Duo Security for establishing trust for every access request, no matter where it comes from, I would say that it is absolutely dependent on how the company deploys it. If the company says just deploy Duo Security on an old device, then it's kind of a hope.

 The whole point of having Duo Security is that it considers all resources to be external. 

Multi-factor authentication in general helped my organization improve its cybersecurity resilience. Any MFA will do that.

I would tell those considering having Duo Security in their organization that it's easy. You don't need to have every other Cisco product out there since I know that, for a fact, you can do it with Sophos and Fortinet. You can do it with other products, not just Cisco.

I rate the overall product an eight out of ten.

Duo is part of a complete security package that Cisco provides. Initially, we only used Duo to secure Microsoft 365, but we now use it for other applications like VPN, terminal server access, etc.

A couple of months ago, our colleagues got phishing emails from real accounts because other companies got hacked. The scammers write emails from a hacked account because they see an employee on the contact list. They seem real because the images are authentic. That leads to a portal where you have to insert your credentials. 

Like any MFA, Cisco Duo sends a message when someone tries to access your account. That's the part that helped us because a person always falls for it. Unauthorized access is a serious problem, even if it doesn't affect your files. It's a potential risk to our reputation because it doesn't look good if a hacker is using your company email address to send spam.

I'm not sure if Duo saved us time. Any security measure inevitably makes things more complicated. If you eliminate security solutions, it's easier on your users, but you have no security. It's like wearing a helmet on a motorcycle. You don't need it until you fall. 

Our security posture is getting better, but we still have room for improvement. We're implementing several security packages currently and hope to be where we want to be by the end of this year. 

Most of my colleagues from other companies use the Microsoft MFA solution because it's included in Office 365. Few people are considering Cisco Duo. That's the primary problem in our area. It's a solution mostly adopted by Cisco users.

We are new users and only started transitioning to Cisco last year.

We haven't experienced any issues so far, and I hope it stays that way. Nothing is 100 percent, but it's close to that. 

Our company isn't too big. Cisco is the perfect product for our current size, and I don't think we'll have problems with scalability as we grow.

We rely on our partner for technical support, so we've never contacted Cisco for that. 

We used HP networking and security products but transitioned to Cisco last year. In the food manufacturing industry, Cisco has some advantages over others. For example, Cisco switches are made for heavy industry and are designed for devices in the mills. Cisco is certified to integrate with Siemens microprocessors. 

What is critical for me isn't the product itself, it's your partner. If you have a great partner, you can also work with HP or other competitors. Having a partner to implement everything and suggest best practices is essential. Our partner NTS works exclusively with Cisco, so we switched from the competitor to Cisco when we switched partners.

The deployment was straightforward with the help of our partner. I can't do it all alone, but our partner has 450 Cisco-certified technicians. 

Cisco has the most expensive products because market leaders tend to charge a lot.

I rate Cisco Duo Security a nine out of ten. I would give the solution a perfect score if it were a little cheaper. Cisco is expensive.

With Duo, MFA allows the network to have an authenticated user sign-on seamlessly. If someone's entering a password and their user credentials and they want to get access to the network, the Duo app will have a code that the end-user has to input, which then authenticates them. It's a second layer of security before they can access the network. Even if a third party gets your username and password, without that Duo access, they won't be able to access your network.

We don't have to worry so much about the end-user that's logging in.

Multifactor authentication is the most valuable feature.

As for establishing trust for every access request, that's exactly what this solution does. Outside of having a username and password, you have to get authentication from Duo as well.

You can never eliminate trust, but what Duo Security does do is add an extra layer of security. When it comes to the internet, networks, inbound traffic, and outbound traffic, you're always subject to a potential threat. Duo Security just adds another layer.

It's a great addition to the security of any network infrastructure.

In terms of helping workers feel safe, everyone knows that the information within the enterprise is safe because the people that are logging in have been authenticated in more than one way.

It's pretty easy to maintain network connectivity once it's set up; the end-user uses it to log in. It's not something that you have to constantly manage and deal with apart from pushing updates. It's pretty much self-managed.

In terms of consistency across workspaces, it works all the time, except for when a forced update is needed.

It helped us remediate threats more quickly. For instance, if someone accesses your credentials or you leave your laptop open and someone gains access when it times out, you still need the Duo code that is sent. A new code is always needed to be able to access that laptop or even that phone. Then, from there you're able to safeguard the information that your company has.

Nowadays, data is the number one commodity, so protecting that at all costs is really important. Duo helps with that with end-users. The thing about end-users is that they are volatile. You can't really control what someone does. So, Duo security helps with managing that by having them implement a new time code that's always sensitive.

Technical support could be improved. I don't think all support should have to go through an agreement.

I've been using this solution for seven years.

It's very stable. There aren't many issues with Duo.

The scalability is just fine. If you scale a certain amount, you have to upgrade and update your license. Outside of that, it's fine.

We are a large organization that deals with a lot of high transactional payments, and we have a large number of users, maybe 100,000 a day, and inbound user traffic.

If you open up a TAC case and they get to you quickly, it's fine. If you have a service agreement that says that they will get back to you within one to two hours, that's fine because you can resolve an issue. Now, if you don't have that agreement and are just a regular user, they take 48 hours to get back to you, and if you and the network team or the security team can't figure out the issue, a lot of money could be lost in two days.

Because there's always room for improvement and because I don't think all support should have to go through an agreement, I would rate technical support at eight on a scale from one to ten.

Positive

Anytime your network is secure and it's not breached or there's no downtime or infiltration of your perimeter, there's always an ROI.

With regard to pricing, for a small business buying a one-off, it's pretty expensive. If it's an enterprise that has thousands of employees, however, it's really nothing to protect your data because if your network goes down or it's breached, you're losing millions of dollars every minute. When it comes to a large enterprise, it's priced where it should be because you're talking business to business. You're not talking business to consumer.

To leaders who want to build more resilience within their organization's security, I would say that you can't go wrong with Cisco products when it comes to security. You can start with Cisco Umbrella, then go down to their firewalls, and then the next-generation firewalls. Then, you can move down to their end-user security endpoints.

The whole lineup through their security portfolio is really strong. If you're spending $50,000 on a suite and a $100,000 total contract value, you can enter a 3.0 Enterprise Agreement. Then from there, you can lock in prices for one, three, to five years. So, when it comes to any enterprise, when you're talking about security, if you use all of Cisco's security features, from end-user out to your data centers, you'll be pretty well off.

If you have security concerns, implement Duo for your end-users.

Overall, I would rate Duo Security an eight on a scale from one to ten.

We use it for two-factor authentication so that we're not just relying on the username and password but also on two-factor authentication, whether it's through SMS or through the application.

People use very weak passwords, so it's very easy for attackers to get in and compromise accounts. This is why we need two-factor authentication and why we are with Duo Security. It helps us to not only rely on the username and password but also implement another layer of protection. Attackers are not going to be able to compromise accounts because of the two-factor authentication.

It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company.

I like the two-factor authentication, which gives another layer of protection.

It's very important for our organization that this solution considers all resources to be external. Our company has thousands of people who access from outside, and it's hard for us to know which one is legitimate and which one is illegitimate. Having two-factor authentication with Duo helps us to implement a second layer of authentication so that we know for certain that the people who are accessing accounts are legitimate.

It's a great solution for securing access to the applications and network because we can integrate the solution with all types of applications. The system has the ability to integrate customized applications built in-house and those that were brought in from outside. It integrates with network access as well, such as when you want to access a different node. It has multiple ways to authenticate applications, network access, etc., which helps us a lot to spread the solution across all our assets.

That the solution helps support hybrid work is very important to our organization because people access accounts from everywhere. Duo Security gives us the second layer of protection.

The solution provides a single pane of glass management to help us monitor all of the access.

Duo Security helped us remediate threats more quickly.

It is not easy to maintain network connectivity.

Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations.

I've been using this solution for the last two years.

The stability is definitely good.

The scalability is great. The solution is deployed in multiple locations, and we have around 30,000 people.

The technical support is good. They are helping us, and I would give them an eight out of ten.

Positive

We switched to Duo Security because it's easier to implement and can be spread across all the applications.

We have definitely seen an ROI from a protection perspective. It helped us a lot to protect against compromised accounts.

Price-wise, it's not cheap, but it's not expensive at all either. It's in the middle.

I would rate Duo Security at nine on a scale from one to ten.

We use it for multifactor authentication for getting in with cell phones and PCs.

Duo Security allows us to be remote, and it keeps us secure. It has been very good for securing our infrastructure from end to end. We haven't had any issues.

It has helped free up our IT staff, but I don't have the metrics on how much time it has actually saved. We don't worry about it. It just works.

It has been good for establishing trust for every access request, no matter where it comes from.

We're working remotely. It helps us keep people more safe. Its adoption has been fine. I like the fact that you can bypass it if you need to because there are situations where the internet doesn't work, etc.

Its ability to help reduce the risk of breaches is pretty good. I like its ability for user authentication and device verification.

We use Yubikey for pushing it to the phones. Yubikeys can get expensive because people tend to lose those for some reason. Fifty dollars a device is pretty high.

I've been using this solution for a couple of years.

I don't deal directly with their tech support myself. I've got some other folks that do that for me, but I don't hear any complaints, so I'd rate them really high.

We did use another solution. I can't remember the name of it, but it had a lot of flaws and a lot of issues. It did not connect to the equipment that we had to use. It would break down, so we had to find something else.

We didn't consider another solution. While researching, Duo Security came out to be the best. The last one was terrible, and this one ranked a lot higher.

We have a hybrid deployment. It was very easy to implement it. 

It integrates well with other systems. We have Cisco Umbrella and Cisco routing and switching. We had Cisco firewalls, but I wouldn't recommend them. 

We've seen an ROI in using this product. There is stability and ease of use. It isn't a problem to handle. It's simple to deal with.

It falls in line with everything else.

To someone researching this solution who wants to improve cybersecurity in their organization, I'd say that it has been very beneficial.

Overall, I'd rate Duo Security a ten out of ten.